Standards for private organizations

2020 Edition

Risk Prevention and Management (RPM) 3: Insurance Protection

The organization is adequately insured.
2020 Edition

Currently viewing: RISK PREVENTION AND MANAGEMENT (RPM)

VIEW THE STANDARDS

Purpose

Comprehensive, systematic, and effective risk prevention and management practices sustain the organization's ability to positively impact the communities and people it serves by reducing its risk, loss, and liability exposure.
1
The organization's practices fully meet the standard, as indicated by full implementation of the practices outlined in the RPM 3 Practice standards.
2
Practices are basically sound but there is room for improvement, as noted in the ratings for the RPM 3 Practice standards.
3
Practice requires significant improvement, as noted in the ratings for the RPM 3 Practice standards.
4
Implementation of the standard is minimal or there is no evidence of implementation at all, as noted in the RPM 3 Practice standards.
Self-Study EvidenceOn-Site EvidenceOn-Site Activities
  • Written notification to staff and governing body describing insurance coverage including the extent and limits of such coverage
  • Policy for legal assistance to personnel against whom claims are made
Networks Only
  • Procedures for identifying and verifying provider insurance 
  • Current insurance policies with descriptions, amounts, and dates of coverage
  • Results of most recent annual assessment of insurance needs
Networks Only
  • Documentation of insurance verification
  • Copy of written communication to providers regarding required insurance
  • Interviews may include:
    1. Governing Body 
    2. CEO/CFO
    3. Relevant personnel
Networks Only
  • Interviews may include:
    1. Provider Representatives

Fundamental Practice

RPM 3.01

The organization annually assesses insurance needs in consultation with insurance professionals or experienced legal counsel, and obtains coverage that is commensurate with the scope and complexity of its services.
Examples: Relevant types of insurance can include:
  1. general liability;
  2. worker’s compensation;
  3. disability;
  4. fire and theft;
  5. medical;
  6. indemnification;
  7. professional liability;
  8. officer’s or director’s liability;
  9. automobile liability;
  10. property and casualty;
  11. malpractice;
  12. cybersecurity orcyberliability; and
  13. bonding or other forms of employee theft insurance, for all staff and governing body members who sign checks, handle cash or contributions, or manage funds.
1
The organization's practices reflect full implementation of the standard.
The organization obtains professional consultation about appropriate coverage.
2
Practices are basically sound but there is room for improvement; e.g.,
  • Insurance needs are reviewed annually, however coverage may be insufficient in some areas.
3
Practice requires significant improvement; e.g.,
  • Insurance needs have not been reviewed for more than two years; or
  • Coverage is clearly inadequate in one key area.
4
Implementation of the standard is minimal or there is no evidence of implementation at all.

RPM 3.02

The organization:
  1. provides written notification to the governing body and personnel of the amount and type of insurance coverage related to the scope of their activities performed on the organization’s behalf;
  2. advises the governing body and personnel of the extent and limits of liability coverage; and
  3. provides and assumes the cost of legal assistance to personnel against whom claims are made related to lawful, authorized actions taken within the course and scope of their duties.

Interpretation

All personnel and governing body members must receive this information at the initiation of their association with the organization and when any changes to the level and/or type of insurance coverage occur.
 

Interpretation

This standard does not require the organization to provide assistance to personnel who commit unlawful acts or acts that are not conducted in the course of, or in furtherance of, their employment. In addition, this standard does not require the organization to provide legal assistance to personnel if the organization’s legal counsel determines that doing so would constitute a conflict of interest.
1
The organization's practices reflect full implementation of the standard.
2
Practices are basically sound but there is room for improvement; e.g.,
  • The organization generally provides a written description but on occasion the disclosure is verbal and informal.
3
Practice requires significant improvement; e.g.,
  • The organization provides information only upon request or provides partial disclosure.
4
Implementation of the standard is minimal or there is no evidence of implementation at all.

RPM 3.03

The network annually verifies that provider insurance coverage is current and meets the organization's requirements stated in the contract.
NA The organization is not a network management entity.
Note See RPM 6.04 for more information on establishing and communicating insurance requirements to network service providers.
1
The organization's practices reflect full implementation of the standard.
2
Practices are basically sound but there is room for improvement; e.g.,
  • Procedures for identifying/specifying level and type of insurance or for annually verifying coverage need strengthening.
3
Practice requires significant improvement; e.g.,
  • Annual verification not documented for all providers; or
  • Some providers did not meet insurance requirements yet continue to provide network services.
4
Implementation of the standard is minimal or there is no evidence of implementation at all.